﻿using SIG.Model.Identity;
using SIG.Service.Identity;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
using System.Web.Routing;

namespace SIG.Model.Filter
{
    public class SIGAuthAttribute : AuthorizeAttribute
    {
        IUserService _userService;
        public SIGAuthAttribute(IUserService userService)
        {
            _userService = userService;
        }

        protected virtual CustomPrincipal CurrentUser
        {
            get { return HttpContext.Current.User as CustomPrincipal; }
        }
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            if (!filterContext.HttpContext.Request.IsAuthenticated)
            {
                filterContext.Result = new HttpUnauthorizedResult();
                return;
            }

            string originController = filterContext.RouteData.Values["controller"].ToString();
            string originAction = filterContext.RouteData.Values["action"].ToString();
            string originArea = String.Empty;
            if (filterContext.RouteData.DataTokens.ContainsKey("area"))
                originArea = filterContext.RouteData.DataTokens["area"].ToString();

            string areaName = String.Empty;
            if (filterContext.RouteData.DataTokens.ContainsKey("area"))
                areaName = filterContext.RouteData.DataTokens["area"].ToString();

            string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            string actionName = filterContext.ActionDescriptor.ActionName;

            var userMenus = _userService.GetUserMenus(CurrentUser.UserId);
                //Check if the requesting user has the permission to run the controller's action
                if (!CurrentUser.IsInMenu(areaName,controllerName, actionName, userMenus))
                {                    
                    filterContext.Result = new RedirectToRouteResult(new
                      RouteValueDictionary(new { controller = "Account", action = "AccessDenied" }));
                    return;
                }


                //if (!String.IsNullOrEmpty(Roles))
                //{
                //    if (!CurrentUser.IsInRole(Roles))
                //    {
                //        filterContext.Result = new RedirectToRouteResult(new
                //            RouteValueDictionary(new { controller = "Account", action = "AccessDenied" }));
                //        return;
                //        // base.OnAuthorization(filterContext); //returns to login url
                //    }
                //}

                //if (!String.IsNullOrEmpty(Users))
                //{
                //    if (!Users.Contains(CurrentUser.UserId.ToString()))
                //    {
                //        filterContext.Result = new RedirectToRouteResult(new
                //            RouteValueDictionary(new { controller = "Account", action = "AccessDenied" }));
                //        return;
                //        // base.OnAuthorization(filterContext); //returns to login url
                //    }
                //}

                base.OnAuthorization(filterContext);
            


        }
    }
}
